<?php
# 文件名称:user.model.php
# MetInfo在线反馈系统 
# Copyright (C) 长沙米拓信息技术有限公司 (http://www.metinfo.cn). All rights reserved.
class userModel extends C_model {
	var $_lists   = array();
	
	var $_groupsItems = null;
	
	var $_pagination = null;
	
    function userModel()
    {
        parent::C_model();
    }
	//单个用户记录
	function getUser()
	{
		if (!empty( $this->_one )) 
		{
			return $this->_one;
		}
		$SYS =&get_instance();
		//参数过滤
		$id = $SYS->request->getVar( 'cid', array(0), '', 'array' );
		//数据
		$query = 'SELECT *' .
				 ' FROM '.$this->_db->_table_prefix.'admin_table'.
				 ' WHERE id='.$id[0]
				;
		$this->_db->setQuery($query);
		$this->_one = $this->_db->loadObject();	
		$this->getAssignedGroups($id[0]);
		return $this->_one;
	}
	//用户数据集
	function getUsers()
	{
		if (!empty( $this->_data ))
		{
			return $this->_data;
		}
		$SYS =&get_instance();
		// 获取请求的数据
		$filter_order		= $SYS->request->getVar( "filter_order",		'a.admin_modify_date',		'post',	'cmd' );
		$filter_order_Dir	= $SYS->request->getVar( "filter_order_Dir",	'desc',				'post',	'word' );
		$filter_group		= $SYS->request->getVar( "filter_group",		'0', 				'post',	'int' );
		//$filter_logged		= $SYS->request->getVar( "filter_logged",		'filter_logged', 	'post',			'int' );
		$search				= $SYS->request->getVar( "search",			    '', 			    'post',	'string' );
		
		$search = $SYS->request->getVar( 'search' );
		$admin_id = $SYS->request->getVar( 'admin_id' );
		$admin_name = $SYS->request->getVar( 'admin_name' );
		$limit = $SYS->request->getInt( 'limit' ,10);
		$limitstart = $SYS->request->getInt( 'limitstart' );
		//过滤查询
		$where = array();
		if (isset( $search ) && $search!= '')
		{
			$searchEscaped = $this->_db->Quote( '%'.$this->_db->getEscaped( $search, true ).'%', false );
			$where[] = 'a.admin_id LIKE '.$searchEscaped.' OR a.admin_email LIKE '.$searchEscaped.' OR a.admin_name LIKE '.$searchEscaped;
		}
		$user = $SYS->session->get('admin_name');
		//管理员才能管理
		if(in_array("1",explode(",",$user->gid)))
		{			
			if($filter_group != 0)
			{
				$where[] = '(a.gid = \''.$filter_group.'\' OR a.gid like \''.$filter_group.',%\' OR a.gid like \''.$filter_group.',%\' OR a.gid like \'%,'.$filter_group.'\' OR a.gid like \'%,'.$filter_group.',%\')';
			}
		}else $where[] = 'a.id='.$user->id;
		$orderby = ' ORDER BY '. $filter_order .' '. $filter_order_Dir;
		$where = (count($where) ? ' WHERE '.implode(' AND ', $where) : '');
		//分页
		_import('html/pagination',false);
		$query = 'SELECT COUNT(*)' .
				' FROM '.$this->_db->_table_prefix.'admin_table'.' AS a '.
				$where.
				$orderby;
		$this->_db->setQuery($query);
		$total = $this->_db->loadResult();
		$this->_pagination = new C_pagination( $total, $limitstart, $limit );
		//数据集
		$query = 'SELECT *' .
				' FROM '.$this->_db->_table_prefix.'admin_table'.' AS a '.
				$where.
				$orderby;
		$this->_data = $this->_getArrayList( $query, $this->_pagination->limitstart, $this->_pagination->limit );
		$this->_lists['order_Dir']		= $filter_order_Dir;
		$this->_lists['order']			= $filter_order;
		$this->_lists['filter_group']	= $filter_group;
		$this->_lists['search']			= $search;
		return $this->_data;
	}
	//用户所属用户组
	function getAssignedGroups($userId = null)
	{
		$this->_db->setQuery(
				'SELECT `group_id`' .
				' FROM `'.$this->_db->_table_prefix.'user_usergroup_map`' .
				' WHERE `user_id` = '.$userId
			);
		C_loader::helper('array');
		$this->_groups = $this->_db->loadResultArray();	
		toInteger($this->_groups);
		// 验证错误
		if ($this->_db->getErrorNum()) {
			return false;
		}
	}
	//用户所属用户组
	function getUserGroups()
	{
		return $this->_groups;
	}
	//排序,下拉
	function getLists()
	{		
		return $this->_lists;
	}
	//分页
	function getPagination()
	{
		return $this->_pagination;
	}
	//单个用户组记录
	function &getGroupsItem ($groupId = null)
	{	
		$SYS =&get_instance();
		$groupId = $SYS->request->getVar( 'cid', array(0), '', 'array' );
		$table = C_loader::getDTO('usergroup');
		$table->load($groupId[0]);
		$SYS->loader->helper('array');
		$value = toObject($table->getProperties());				
		return $value;
	}
	//所属上级用户组
	function &getGroupsOptions()
	{
		$SYS =&get_instance();
		$groupId = $SYS->request->getVar( 'cid', array(0), '', 'array' );		
		
		$this->_db->setQuery(
			'SELECT a.parent_id' .
			' FROM '.$this->_db->_table_prefix.'usergroups AS a' .
			' WHERE a.id='.$groupId[0]
		);
		$parentId = $this->_db->loadResult();
		$options = C_Html::_('access.usergroup', 'c_form[parent_id]',$parentId,'class="inputbox"',$groupId[0]);
		return $options;
	}
	//用户组记录集
	function &getGroupsItems()
	{
		if (!empty( $this->_groupsItems ))
		{
			return $this->_groupsItems;
		}
		
		$SYS =&get_instance();
		$search	= $SYS->request->getVar( "search",'', 'post','string' );
		//过滤查询
		$where = array();
		if (isset( $search ) && $search!= '')
		{
			$searchEscaped = $this->_db->Quote( '%'.$this->_db->getEscaped( $search, true ).'%', false );
			$where[] = 'a.title LIKE '.$searchEscaped;
		}
		$orderby = ' GROUP BY a.id ORDER BY a.lft ASC ';
		$where = (count($where) ? ' WHERE '.implode(' AND ', $where) : '');
		$query = 'SELECT a.*,COUNT(DISTINCT c2.id) AS level,COUNT(DISTINCT map.user_id) AS user_count '. 
				' FROM `'.$this->_db->_table_prefix.'usergroups` AS a '.
				' LEFT OUTER JOIN `'.$this->_db->_table_prefix.'usergroups` AS c2 ON a.lft > c2.lft AND a.rgt < c2.rgt '.
				' LEFT JOIN `'.$this->_db->_table_prefix.'user_usergroup_map` AS map ON map.group_id = a.id '.
				' LEFT JOIN '.$this->_db->_table_prefix.'usergroup_rule_map AS ugrm ON ugrm.group_id = a.id '.
				' LEFT JOIN '.$this->_db->_table_prefix.'access_rules AS r ON r.id = ugrm.rule_id AND r.access_type = 1 '.
				$where.
				$orderby;
		$this->_groupsItems = $this->_getObjectList( $query );
		return $this->_groupsItems;
	}
	//保存用户组
	function saveGroup($data)
	{
		$SYS =&get_instance();
		$isNew	= true;
		
		// 初始化数据
		$groupId = $data['id'];
		$table = C_loader::getDTO('usergroup');
		if ($groupId > 0) {
			$table->load($groupId);
			$isNew = false;
		}
		_import('user/access/simplerule',false);
		// 动作权限	
		$rule		= C_simpleRule::getInstance();
		$rule->setSection(intval($data['section_id']));
		$data['section']=$rule->_section_name;
		// 绑定数据
		if (!$table->bind($data)) {			
			return false;
		}
		// 验证
		if (!$table->check()) {
			return false;
		}
		// 保存
		if (!$table->store()) {			
			return false;
		}
		$groupId = $table->id;
		//管理员权限不许更改
		if($data['id'] == 1)
		{	
			return;
		}
		if (!isset($data['actions'])) {
			$data['actions'] = array();
		}		
		
		$query = 'SELECT name FROM '.$table->_db->_table_prefix.'access_sections';
		$table->_db->setQuery($query);
		$sections = $table->_db->loadObjectList();
		
		foreach($sections AS $key=>$val)
		{
			$actions	= C_simpleRule::getRules($val->name, 1);		
			foreach ($actions as $action)
			{
				$rule->load($action->name);
				// 单个动作权限所有的用户组
				$groups		= $rule->getUserGroups();
				// 是否选择该动作权限
				$hasAction	= in_array($action->id, $data['actions']);
				// 该用户组是否在groups中
				$inGroup	= in_array($groupId, $groups);
				$changed	= false;
				if ($hasAction && !$inGroup) {
					// 从单个动作权限中添加该用户组
					$groups[]	= $groupId;
					$changed	= true;
				}
				else if (!$hasAction && $inGroup) {
					// 从单个动作权限中移除该用户组
					$k			= array_search($groupId, $groups);
					array_splice($groups, $k, 1);
					$changed	= true;
				}
				//是否更改
				if ($changed)
				{
					$rule->setUserGroups($groups);
					if (!$rule->store()) {						
						return false;
					}
				}
			}
		}
		return true;
		
	}
	
}
# 本程序是一个开源系统,使用时请你仔细阅读使用协议,商业用途请自觉购买商业授权.
# Copyright (C) 长沙米拓信息技术有限公司 (http://www.metinfo.cn). All rights reserved.
?>